The term Personally Identifiable Information (PII) will be familiar to organizations who are required to comply with regulatory standards such as PCI-DSS.
NIST Special Publication 800-122[4] defines PII as "any information about an individual maintained by an agency, including (1) any information that can be used to …
Yesterday Microsoft dropped a bombshell in containersphere, announcing Azure Container Instances, or ACI.
The PCI Data Security Standard is no news. Any entity that collects, holds or processes credit card information is obliged by this standard. What is new is the adoption of containers for production applications that may directly impact PCI compliance. With a 40% increase in Docker adoption in one year, containers …
In just about a week we will be live on stage at BlackHat 2017 with this tersely titled talk: Well that Escalated Quickly! How Abusing Docker API Led to Remote Code Execution Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers, and we are very excited.
The Center for Internet Security provides a number of guidelines and benchmark tests for best practices in securing your code. As Michael Cherny recently described, the CIS has recently published a benchmark for Kubernetes, and now we’re pleased to tell you about our new open source implementation of these tests: …
This article was originally published in infoworld.com
As part of my job, I regularly meet with devops people to discuss their container strategy. Most of the time, the people I talk to are eager to reap the many benefits containers offer, but they are new to working with them. They might have a container-based system …
This article was originally published in HelpNetSecurity.com
We are all aware of the risks introduced by good old third party code. Where would we be without it? Apparently not very far: It is estimated that between 30 to 70 percent of code comes from 3rd party applications. This is why we patch up old libraries and …
We’re glad to announce version 2.5 of the Aqua Container Security Platform, which includes hundreds of improvements and new features. Our main focus has been on making the platform more scalable for our customer deployments, which include some of the world’s largest container setups.
The security of enterprise software has never been more important. As more and more enterprises move to container-based deployments in the public or hybrid cloud, there are increasing numbers of security professionals who must be confident that they are minimizing and controlling risk. In this post we’ll explore using
Since 1996, the HIPAA act has mandated how personal health information (PHI) should be secured and protected from prying eyes. HIPAA requirements changed how companies in the healthcare industry treat patient data, as well as the processes governing it, the applications that handle it, and the infrastructure that runs …
The Center for Internet Security (CIS) published a new banchmark last week for Kubernetes 1.6. As the adoption of container technologies grows rapidly, orchestrators have become a key enabler, since large-scale deployments can’t be managed efficiently by humans.
